• flag iframe/sub_frame requests in scriptweeder function [238a6f0]
• Make scripts from iframes follow the rules of the iframe rather than the top domain? [238a6f0]
  Might help youtube videos for example, where all allowed rules for it would be applied to those frames requiring only the user to allow youtube on the page, and not all of its scripts as well.
• Add marks on iframe object and parent host [87e3942]
• Better style childs of an iframe, including hide them until a button is clicked [87e3942]

• Preferences made in private browsing vanish on close
  On private windows changing settings should only apply to the private session, when all private windows are closed those must vanish
  Don't store, only add in background variable and clean it on last window closed
• Option to inherit preferences
  An option to choose between using the default preferences when starting a private browsing or already inherit the current preferences

Make popup buttons work AKA be able to change settings (in progress...)

• Be able to see a list of each individual script [26b6976]
• Save exception rule when checking the checkmarks [b602037]
• Automatically check the correct scripts when choosing Filtered & Relaxed [1dbc450]
• Save the policy in the correct scope [537917c]

From time to time I see an error when trying to save the script information @scriptweeder, hard to reproduce.

Some remarks I saw:

• Seems to be a problem where tabStorage for that tab does not exists.
• On first call for @addTab nothing is added in tabStorage
• A script is loaded in between chrome.tabs.onUpdated and chrome.webNavigation.onCommitted (Fixed with 27a0c49)

Another related bug is that scripts can be loaded from other things other than sub_frame, at least it seems, needs checking.

Add a way to be able to update the rules on updates without messing with the user's preferences.

Must check if rule won't overwrite, save without overwrite and request user action.

The block all policy (policy 3) also requires an extra policy to block inline <scripts> and to make <noscript> tags visible.

Chromium API allows to change the browser Javascript options but the solution must also keep track of it so the popup shows info accordingly.

The Chrome newtab also loads scripts associated with that tab, A special handling is required for such tab.

Does not affect other browsers without this like Vivaldi.

Related to #8

I undestand that the colors are set and this indeed is a good thing. Maybe then the colors could be switched. If the most common setting is relaxed maybe change that one to GREEN and set filtered to blue. So the user has the "feel safe" feeling.

Maybe you could make to icon color more visible? Maybe a simpler/bigger icon (to see the "state" better - compare Scriptsafe).

Although the hat one is kind of a funny and smart "corperate identity".

Can you improve this?

Another thing what's the difference for Umatrix? Is there a difference?
Thank you!

A new button should exist to allow all script for a single moment without saving preferences.

When opening a site on archive.org the policy is not being applied correctly.

Please add the option to reload the page, if one clicks outside the UI-window). Today the page has to be refreshed manually for the changes to take effect.

One has to be able to see the settings and then edit them

• Fill page with current preferences
• Be able to edit and save the preferences
• Style the page with a nice design

Add support to work on internal pages, focus on extension preferences pages.

Related to #7

Some connections (websockets?) occur without a tabid, connections coming from extension popups or other means also occur without a tabid. Need to keep an eye on all of them.